Welcome!

Hi there! My name is Sébastien Vaucher, I’m currently pursuing a PhD degree at the Institute of Computer Science of the University of Neuchâtel, Switzerland. If you’re here, it’s probably because you want to know more about me. I hope that you will find what you are looking for on this website.

Below, you will find an up-to-date list of the scientific articles that I (co-)authored. Underneath follows a list of less formal projects that I realized.

Should you be unable to find something, you can instantly contact me using the chat button in the lower right. It will start an XMPP/Jabber chat with me.

Abstract

The deployment of large-scale distributed systems, e.g., publish-subscribe platforms, that operate over sensitive data using the infrastructure of public cloud providers, is nowadays heavily hindered by the surging lack of trust toward the cloud operators. Although purely software-based solutions exist to protect the confidentiality of data and the processing itself, such as homomorphic encryption schemes, their performance is far from being practical under real-world workloads. The performance trade-offs of two novel hardware-assisted memory protection mechanisms, namely AMD SEV and Intel SGX, currently available on the market to tackle this problem, are described in this practical experience. Specifically, we implement and evaluate a publish/subscribe use-case and evaluate the impact of the memory protection mechanisms and the resulting performance. This paper reports on the experience gained while building this system, in particular when having to cope with the technical limitations imposed by SEV and SGX. Several trade-offs that provide valuable insights in terms of latency, throughput, processing time and energy requirements are exhibited by means of micro- and macro-benchmarks.

Abstract

Containers are becoming the de facto standard to package and deploy applications and micro-services in the cloud. Several cloud providers (Amazon, Google, Microsoft) begin to offer native support on their infrastructure by integrating container orchestration tools within their cloud offering. At the same time, the security guarantees that containers offer to applications remain questionable. The customers still need to trust their cloud provider with respect to data and code integrity. The recent introduction by Intel of Software Guard Extensions (SGX) into the mass market offers an alternative to developers, who can now execute their code in a hardware-secured environment without trusting the cloud provider.

This paper provides insights regarding the support of SGX inside Kubernetes, an industry-standard container orchestrator. We present our contributions across the whole stack supporting execution of SGX-enabled containers. We provide details regarding the architecture of the scheduler and its monitoring framework, the underlying operating system support and the required kernel driver extensions. We evaluate our complete implementation on a private cluster using the real-world Google Borg traces. Our experiments highlight the performance trade-offs that will be encountered when deploying SGX-enabled micro-services in the cloud.

Abstract

Many organisations enhance the performance, security, and functionality of their managed networks by deploying middleboxes centrally as part of their core network. While this simplifies maintenance, it also increases cost because middlebox hardware must scale with the number of clients. A promising alternative is to outsource middlebox functions to the clients themselves, thus leveraging their CPU resources. Such an approach, however, raises security challenges for critical middlebox functions such as firewalls and intrusion detection systems.

We describe EndBox, a system that securely executes middlebox functions on client machines at the network edge. Its design combines a virtual private network (VPN) with middlebox functions that are hardware-protected by a trusted execution environment (TEE), as offered by Intel’s Software Guard Extensions (SGX). By maintaining VPN connection endpoints inside SGX enclaves, EndBox ensures that all client traffic, including encrypted communication, is processed by the middlebox. Despite its decentralised model, EndBox’s middlebox functions remain maintainable: they are centrally controlled and can be updated efficiently. We demonstrate EndBox with two scenarios involving (i) a large company; and (ii) an Internet service provider that both need to protect their network and connected clients. We evaluate EndBox by comparing it to centralised deployments of common middlebox functions, such as load balancing, intrusion detection, firewalling, and DDoS prevention. We show that EndBox achieves up to 3.8x higher throughput and scales linearly with the number of clients.

Abstract

While many cloud storage systems allow users to protect their data by making use of encryption, only few support collaborative editing on that data. A major challenge for enabling such collaboration is the need to enforce cryptographic access control policies in a secure and efficient manner. In this paper, we introduce IBBE-SGX, a new cryptographic access control extension that is efficient both in terms of computation and storage even when processing large and dynamic workloads of membership operations, while at the same time offering zero knowledge guarantees.

IBBE-SGX builds upon Identity-Based Broadcasting Encryption (IBBE). We address IBBE’s impracticality for cloud deployments by exploiting Intel Software Guard Extensions to derive cuts in the computational complexity. Moreover, we propose a group partitioning mechanism such that the computational cost of membership update is bound to a fixed constant partition size rather than the size of the whole group. We have implemented and evaluated our new access control extension. Results highlight that IBBE-SGX performs membership changes 1.2 orders of magnitude faster than the traditional approach of Hybrid Encryption (HE), producing group metadata that are 6 orders of magnitude smaller than HE, while at the same time offering zero knowledge guarantees.

Abstract

The latest generation of Intel processors supports Software Guard Extensions (SGX), a set of instructions that implements a Trusted Execution Environment (TEE) right inside the CPU, by means of so-called enclaves. This paper presents Stress-SGX, an easy-to-use stress-test tool to evaluate the performance of SGX-enabled nodes. We build on top of the popular stress-ng tool, while only keeping the workload injectors (stressors) that are meaningful in the SGX context. We report on several insights and lessons learned about porting legacy code to run inside an SGX enclave, as well as the limitations introduced by this process. Finally, we use Stress-SGX to conduct a study comparing the performance of different SGX-enabled machines.

Abstract

We present ErasureBench, an open-source framework to test and benchmark erasure coding implementations for distributed storage systems under realistic conditions. ErasureBench automatically instantiates and scales a cluster of storage nodes, and can seamlessly leverage existing failure traces. As a first example, we use ErasureBench to compare three coding implementations: a (10,4) Reed-Solomon (RS) code, a (10,6,5) locally repairable code (LRC), and a partition of the data source in ten pieces without error-correction. Our experiments show that LRC and RS codes require the same repair throughput when used with small storage nodes, since cluster and network management traffic dominate at this regime. With large storage nodes, read and write traffic increases and our experiments confirm the theoretical and practical tradeoffs between the storage overhead and repair bandwidth of RS and LRC codes.

ClimbinGym is a management tool for climbing gyms. It is a useful tool for both gym staff and climbers. A web application is used to manage the different routes built in the gym.

My work was to write a brand new Android application usable by climbers and staff. Climbers can follow their progression of the different routes provided by the gym. Staff members can use the application to manage the routes comfortably from their smartphones.

The project was realized as part of the Advanced Software Engineering master course taught at the University of Fribourg. The team consisted of Thibaut Mauron, Ehsan Fahradi, Alexandre Nikodemski, Younos Cherkaoui, Numa de Montmollin and myself.

We implemented a Ruby on Rails application that communicates with the CyberCoach REST API. The work was managed using the Scrum methodology. We developed the project in a test-driven manner. We enforced good programming practices by defining different procedures. Certain practices were enforced by technical means, such as Git hooks.

We chose to build a gambling site where users can bet on boxing fights. As of the time of writing, a live demo is hosted on Heroku.

The Universal Digital Camera Interface Application (UDCI) was mandated by the Space Exploration Institute based in Neuchâtel, Switzerland. The project takes place as part of the development of the CLUPI camera, scheduled to be sent to Mars with the ESA’s ExoMars mission. The goal of the project is to develop an application for Windows 8.1 tablets to help engineers in the development of digital camera interfaces.

The application’s main functionality consists in allowing an engineer working on digital camera interfaces to quickly craft or decode binary frames exchanged with a camera undergoing testing. It is also capable of decoding images coming from the camera. It can then display them on an interactive graphical interface. The user can query individual pixels of the image and know about their color and position.

The project is realized as part of the R&D Workshop Master’s course taught at the University of Neuchâtel.

The E-Repair project provides benefits for citizens of Swiss municipalities regarding the repair of broken public objects. Using this application, a citizen may simply notify the municipality about a non-critical issue. For instance, a citizen may report a dead animal, a broken street lamp or bench, or malfunctioning traffic lights.

Using an application on their smartphone, citizens can notify the correct municipality (using GPS positioning) about a problem. The municipality can then treat the problem and notify the citizen about progression.

As part of this project, I developed the administrator’s panel used by municipality employees.

The aim of the “Outil d’aide au déminage” project is to develop an Android application to help minesweepers in doing their job. It has to provide them with relevant data in a fast and well-thought-out way. Digger DTR, for the needs of a new project in collaboration with the Geneva International Centre for Humanitarian Demining (GICHD), has commissioned the project. Its goal is to adapt the existing system commercialised by Digger DTR that uses demining tanks to dog-assisted demining.

A demining dog handler needs the most current information delivered reliably in order to get the job done. The system that has been created is able to show a live map of the land mine, useful statistics and a number of simultaneous live streams coming from embedded cameras. The user is notified whenever the sensors on the dog warn about it being seated, meaning it has smelled the presence of a mine. The dog handler can transmit orders to his dog with the help of an audio connection between his handset and a speaker mounted on the dog.

The application that was developed satisfies the ergonomic exigency imposed by the client, which is a one-hand usable user interface. The user interface is designed so that the most frequently consulted information is accessible through the smallest amount of interaction.

As part of the project, an original graphical component has been created: the PieMenu. Its role is to provide a set of actions that can be triggered with only a single one-finger touch on the touchscreen.

The complete set of data shown on the Android application comes from the pre-existing Digger MSO application. The service as well as the network protocol capable of retrieving and delivering the information to the mobile tool were carried out for this specific project.

What has been achieved through this project complies with Digger’s requirements and will soon be used in real conditions in minefields of Bosnia and Cambodia.

Chibre is a traditional Swiss card game played with 4 players around a table. C#ibre is essentially the same game, except that we virtualized the cards and the scoreboard. A Windows 8.1 tablet lies at the center of the table and displays the cards played and the scoreboard. Each player uses a phone or a small tablet in place of a hand of cards. To play a card, a player simply taps on the card they want.

A WiFi connection is used to transmit instructions from/to the server (tablet)/clients (phones). The game gets simplified as only valid actions can be performed by players. Moreover, scores are automatically computed.

ArcWork is a homework manager written in Ruby on Rails. It possesses all classical features of a homework manager. Teachers can assign homework to students, who can submit multiple versions and receive comments on them.

The project was realized as part of the web development course taught at Haute École Arc Ingénierie in Neuchâtel. Developed jointly with Adrian Moll and Etienne Frank.

Sucle is a social network based on the location of users. Messages can be shared with audio or video files attached. Messages sent within a specific radius of the current user’s location are shown. Each message can be commented on by other users. The login process is done with a Facebook or a Google account.

The Figure Skating club in Yverdon needed a web platform to organize the distribution of courses over the available hours. We provided a system where people ask what they want, and the system figures out the best way to cope with everyone’s needs.

Starfighter 4K is a rendition of the Starfighter video game that we developed a year earlier. It is a shoot-’em-up game where two spaceships fight against each other in space.

With S4K, we added virtual reality by enabling control of the game with Kinect and Wiimotes at the same time. The game is best played projected to a wall. During development, the game proved to be very fun to play!

Further improvements were made in the menus (now controllable with Kinect and nicer) and in the gameplay.

Battle for Atlantis is a two-player game played on two computers. It is a derivative of the Battleship board game. Battle for Atlantis adds a story: both players compete to get first to the Atlantis. The game is played on three levels: surface, submarine and the Atlantis.

The game was developed in Java. The players’ computers communicate via TCP/IP using a custom protocol based on JSON.

Star² is planetarium software. It shows a current view of the sky at the current location. While it can be used with a keyboard and a mouse, full functionality needs a separate embedded system to point at stars. A simulator was developed for Android, for people who don’t have the separate pointer.

It was developed as a full year project during the first academic year of my Bachelor. It is a joint project with Diego Antognini, Alexandre Perez, Loris Ceschin and Issa Barbier.

Messle for iPhone is an application enabling people to send and receive geo-localized messages. In traditional social networks, like Facebook or Twitter, the criterion to show messages of other people is a following or friendship link. With Messle, the criteria are proximity and age of messages.

When a user sends a message, every other user located in a configurable range can see it. Multimedia content can be attached to text messages.

The iPhone application was developed by myself. The server component and the showcase website were developed by Diego Antognini and Malik Lechekhab, respectively. The project was our CFC diploma project and was distinguished as one of the 10 best throughout Switzerland.